Sciweavers

IEEEARES
2009
IEEE

Capturing Information Flow with Concatenated Dynamic Taint Analysis

14 years 7 months ago
Capturing Information Flow with Concatenated Dynamic Taint Analysis
Dynamic taint analysis (DTA) is a technique used for tracking information flow by propagating taint propagation across memory locations during program execution. Most implementations of DTA are based on dynamic binary instrumentation (DBI) frameworks or whole-system emulators/virtual machine monitors. The boundary of information tracking with DBI frameworks is a single process, while system emulators can cover a host, including the OS. Using system emulators, it may be possible to consider taint propagation across multiple processes executing locally, within the emulator. However, there is an increasing need for tracking information flow across single-system boundaries and across the whole enterprise. We describe a proof-of-concept architecture for tracking multiple mixed-information flows among several processes across a distributed enterprise. Our DTA tool is based on PIN, a DBI framework by Intel, and the concatenated DTA processing is realized with per-host flow managers. We h...
Hyung Chan Kim, Angelos D. Keromytis, Michael Covi
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where IEEEARES
Authors Hyung Chan Kim, Angelos D. Keromytis, Michael Covington, Ravi Sahita
Comments (0)